Thingbots, botnets built exclusively from Internet of Things (IoT) devices, are set to become the infrastructure for a future darknet. This is one of the key findings of F5 Networks’s latest report, “Threat Analysis: The Hunt for IoT – the Rise of Thingbots,” which continues to track Telnet activity, and the progressions of Mirai, as well as Persirai, a new thingbot.
According to IoT Agenda of techtarget.com, “IoT is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction. A thingbot is something with an embedded system and an Internet connection that has been coopted by a hacker to become part of a botnet of networked things.”
The F5 Network report exposes how IoT devices have been, and will continue to be one of the most highly exploitable tools in the arsenals of cyber attackers.

The Department of Information Communication Technology, a government bureau established in 2016 to help police the Philippine internet, launched the National Cybersecurity Plan 2022 early this year.


As shown in the map above, cybersecurity will continue to remain a key concern in today’s ever connected world, driven by the rise of IoT.
Hackers find new ways to leverage unprotected devices to launch cyber attacks. The reality remains – our world of unsecured devices is the new playground for hackers; and according to F5 Networks’ latest report, this is not going to change (until IoT manufacturers are forced to secure these devices), as IoT devices are becoming the “cyberweapon delivery system of choice” by today’s botnet-building attackers.

Some of the key insights:
• IoT attacks rose by 280%, attributed to the Mirai malware and its subsequent attacks (Image above)
• China, previously the top source country from which attacking activity originated, has dropped off significantly, contributing less than 1% to the total attack volume
• Spain has taken over as the leader in attacks, with 83% of attacks launched from a hosting provider network based there
• Hackers are building thingbots based on specific disclosed vulnerabilities in IoT devices, rather than having to find new exploits

What does this mean for enterprises?
• Have a DDoS strategy ready at hand
• Ensure redundancy for critical services, and that they are prepared for downstream impact
• Implement credential stuffing solutions
• Train employees on the threat and vulnerability of IoT devices – the more aware they are of these threats, the less likely they are to become affected by the attacks
Threat Analysis: The Hunt for IoT – the Rise of Thingbots is the third volume of F5 Networks’s IoT reports, following the second volume Threat Analysis Report: The Hunt for IoT. To find out more on the subject, the full report is available here with further detail on global and market trends.
F5 makes apps go faster, smarter, and safer for the world’s largest businesses, service providers, governments, and consumer brands. F5 delivers cloud and security solutions that enable organizations to embrace the application infrastructure they choose without sacrificing speed and control. For more information, go to f5.com. You can also follow @F5NetworksAPJ on Twitter, LinkedIn and Facebook.